ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] MXs Used As Authentication - Why RMX?

2003-09-19 18:36:52
from [Alan DeKok] [Permanent Link] 
Brad Knowles <brad(_dot_)knowles(_at_)skynet(_dot_)be> wrote:

      As I see it, one primary problem with this draft is that it 
breaks the most common form of mailing lists -- aliases.


  This was discussed earlier on the list.  "outgoing" MX records mean
that some current network behaviours may change.  Mailing lists may
still exist, but their implementations may change.  Other than
deployment, I don't see this as much of a problem.


      This draft also prevents people from being able to legitimately 
transmit e-mail using domain names that they don't control, via other 
servers.  It is not at all unusual for me to go travelling somewhere 
and want to continue to use my normal e-mail address, but use the 
local mail relay services available from the provider I'm using at 
the moment.


  How does the recipient of that email establish a consent framework
for communication with you?  How does he separate your traffic from
the "forged spam" traffic?


      You would have no choice but to have SMTPAUTH or TLSSMTP 
available for the official relays for your domain, and to be able to 
guarantee that you can always get through to them using these 
features,


  How is this different than having you establish a consent framework
for communication?  


      I don't see this sort of solution being feasible.  The legitimate 
third-party relay problem is a tough one to solve.


  How does the recipient distinguish "legitimate" third-party relays
from "illegitimate" ones?

  Why is it the recipients problem to establish that legitimacy?  What
work are you willing to do, to share the burden of establishing that
legitimacy?

  I'm not opposed to legitimate third-party relaying.  But it's my
perogative as a recipient to discard any email I choose.  Unverifiable
third-party relaying is a large part of my spam, and costs me time and
money.  "legitimate" third-party relayers who ask that I spend more
time and money to "legitimatize" their email for them look a whole
lot like spammers, from that perspective.

  Alan DeKok.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Asrg] Re: Details, nazgul
Next by Date:  Re: [Asrg] MXs Used As Authentication - Why RMX?, Alan DeKok
Previous by Thread:  [Asrg] Re: Details, nazgul
Next by Thread:  Re: [Asrg] MXs Used As Authentication - Why RMX?, Alan DeKok
Indexes:  [Date] [Thread] [Top] [All Lists]